stdapi | Eric Romang Blog

Metasploit provide some commands to extend the usage of meterpreter. We will describe here under the usage of screenshot, screenspy and screengrab.

First of all you require a valid meterpreter session on a Windows box to use these extensions.

screenshot

This stdapi command allow you to create a screen shot from the current Windows interactive desktop.

screenshot command could be used with these arguments :

-h : to display the help banner.
-p : The JPEG image file path. By default $HOME/[randomname].jpeg
-q : The JPEG image quality. By default ’50’.
-v : Automatically view the JPEG image, by default ‘true’.

(bg)run screenspy

Same as the screenshot command, but taking at regular interval screen shot from the current Windows interactive desktop. Require Firefox to visualize the screen shots. A HTML page, containing the new screen shot, will be updated regularly, into Firefox, every x seconds.

screenspy command could be used with these arguments :

-h : to display the help banner.
-d : The delay in seconds between each screen shot. By default 3 seconds.
-t : The time, in second, for the screenspy execution. By default 10 seconds.
-s : The targeted system, linux or windows. By default linux.

screengrab

This espia command attempt to grab a screen shot from the current Windows interactive desktop.

screengrab command coulb be used with these arguments :

-h : to display the help banner.

Metasploit provide some commands to extend the usage of meterpreter. We will describe here under the usage of webcam, webcam_list, webcam_snap and record_mic.
First of all you require a valid meterpreter session on a Windows box to use these extensions.

webcam_list :

This stdapi command provide you a list of all webcams on the target system. Each webcam will have an index number.

webcam_snap :

This stdapi command take a snapshot for the specified webcam, by default number 1 and will try without argument precision to open the saved snapshot.

webcam_snap could have arguments :

-h : to display the help banner.

-i <opt> : The index number of the webcam to use.

-p <opt> : The JPEG image file path. By default $HOME/[randomname].jpeg

-q <opt> : The JPEG image quality, by default ’50’.

-v <opt> : Automatically view the JPEG image, by default ‘true’.

record_mic

This stdapi command record audio, by default 1 second, from the default microphone and will try without argument precision to play the captured audio wav file.

record_mic could have arguments :

-h : to display the help banner.

-d <opt> : Number of seconds to record, by default 1 second (useless).

-f <opt> : The wav file path. By default $HOME/[randomname].wav

-p <opt> : Automatically play the captured audio, by default ‘true’.

(bg)run webcam

Same as the stdapi webcam_snap command, but with loop delay interval to refresh the displayed jpeg snap. A refreshed HTML file, “webcam.htm”, will provide you each x milliseconds a new snapshot. You can invoke the webcam script with run or bgrun meterpreter command.

The possible arguments to begin a recording are :

-h : to display the help banner.

-d <opt> : Loop delay interval in milliseconds, by default 1000.

-f : Just grab a single frame.

-g : Send to the GUI instead of writing file.

-i <opt> : The index of the webcam to use, by default 1.

-l : Keep capturing in a loop, by default (useless).

-p <opt> : The path to the folder images will be saved in, by default current working directory.

-q <opt> : The JPEG quality, by default ’50’.

Metasploit Meterpreter run webcam ruby script

To stop the webcam recording, just type the following command :

Metasploit Meterpreter stop webcam ruby script

Eric Romang Blog

aka wow on ZATAZ.com

Tag Archives: stdapi

Metasploit Meterpreter screenshot screenspy screengrab

Metasploit Meterpreter webcam_list webcam_snap record_mic